TeamCity < 2026.1.2 Perforce VCS arbitrary file access
CVE-2026-59793 Published on July 10, 2026
In JetBrains TeamCity before 2026.1.2 arbitrary file access was possible via the Perforce VCS integration
Vulnerability Analysis
CVE-2026-59793 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
HIGH
Weakness Type
External Control of File Name or Path
The software allows user input to control or influence paths or file names that are used in filesystem operations.
Products Associated with CVE-2026-59793
Want to know whenever a new CVE is published for JetBrains Teamcity? stack.watch will email you.
Affected Versions
JetBrains TeamCity:- Before 2026.1.2 is affected.